Meta Fined €91m for Storing User Passwords in Plaintext

Meta's security lapse put users' social media accounts at risk. The €91m fine is a stark reminder of GDPR's serious consequences.

Meta Platforms Ireland Limited (MPIL), the Irish branch of the social media giant, has been fined €91m ($102m) by the Irish Data Protection Commission (DPC) for mishandling users' passwords. The DPC accused Meta of breaching GDPR principles by storing passwords in plaintext, exposing them to potential security risks.

The DPC launched an investigation in April 2019 after MPIL notified it that certain passwords had been stored in plaintext on its internal systems. The DPC's decision centres on the GDPR requirement for data controllers to implement appropriate security measures when processing personal data, taking into account the risks to users and the nature of the data. The passwords in question are particularly sensitive because they would enable access to users' social media accounts.

Meta took immediate action to rectify the error and proactively informed the DPC about the issue. However, the DPC has since accused Meta of not using appropriate security measures to protect users' passwords, thereby breaching the principles of integrity and confidentiality under GDPR.

The DPC's decision highlights the importance of data controllers implementing robust security measures to protect users' personal data. The €91m fine for Meta's failure to do so is a reminder of the significant penalties that can result from GDPR infringements.
